I have two ASA 5540 firewalls running independently behind my internet router.
The reason I can't run active-active mode on the ASAs is that I want to enable remote access VPN on both ASAs.
Internet router address: 18.104.22.168
ASA1 outside address: 22.214.171.124 (NAT pool = 126.96.36.199 - 99; PAT = 188.8.131.52)
ASA2 outside address: 184.108.40.206 (NAT pool = 220.127.116.11 - 199; PAT = 18.104.22.168)
ASA1 inside address: 10.10.10.1
ASA2 inside address: 10.10.10.2
Both inside interfaces of the ASAs are connected to a 6509 box in the same VLAN. The VLAN interface IP address is 10.10.10.3.
All of them are running EIGRP. CEF is enabled on the internet router and the 6509.
I also have a few static NATs on ASA1 pointing to inside servers.
Will this design work?
Will my internet traffic (inbound and outbound) be load balanced?
Will there be an asymmetric routing problem? (By default CEF does per-destination.)